ïż
HOWTO Setup a Virtual Postfix/Courier Mail System with PostfixAdmin - Gentoo Linux Wiki
@import url( /skins/monobook/main.css?7 );
var skin = 'monobook';var stylepath = '/skins';
@import url( /index.php?title=MediaWiki:Common.css&action=raw&ctype=text/css&smaxage=18000 );
@import url( /index.php?title=MediaWiki:Monobook.css&action=raw&ctype=text/css&smaxage=18000 );
@import url( /index.php?title=-&action=raw&gen=css&maxage=18000 );
var wgScriptPath="";
var wgServer="http://gentoo-wiki.com";
HOWTO Setup a Virtual Postfix/Courier Mail System with
PostfixAdmin
From Gentoo Linux Wiki
Jump to: navigation,
search
Contents
1 Introduction
1.1 Notes From the
Author
1.2 Why
PostfixAdmin
1.3 Which
Packages
2 Default Settings
3 Portage
3.1 /etc/make.conf
3.2 /etc/portage/package.use
4 Postgrey
4.1 Why
Greylist?
4.2 Installation
4.3 Delay Time
5 Postfix
5.1 Install
5.2 main.cf
5.3 mysql_relay_domains_maps.cf
5.4 mysql_virtual_alias_maps.cf
5.5 mysql_virtual_domains_maps.cf
5.6 mysql_virtual_mailbox_limit_maps.cf
5.7 mysql_virtual_mailbox_maps.cf
6 courier-authlib
6.1 Install
6.2 Config files
6.3 Socket
permissions
6.4 Runlevel
7 Courier-imap
7.1 Install
7.2 Config
8 Server Scripts
9 Oddities
9.1 Adding Multiple Emails
to an Alias
9.2 Active Check Box
Doesn't work
if (window.showTocToggle) { var tocShowText = "show"; var tocHideText = "hide"; showTocToggle(); }
[edit]
Introduction
I recently moved my original mail system, built using the Gentoo Virtual
How-to, over to a PostfixAdmin run system. Additionally I took this time to add
Postgrey and switch to encrypted passwords using Courier's new authlib, which
I'll detail as well.
[edit]
Notes From the Author
kashani (2005.07.26): This a work in process. I just went live
with this system a few weeks ago and finally have time to run through the setup
again on a fresh server. Should be done within a month... with any luck.
kashani (2006.01.07): Added my configs and some of the method
behind the madness. DO NOT use this how-to if you have never built a virtual
mail system... it's very incomplete and you'll hate me.
[edit]
Why PostfixAdmin
PostfixAdmin provides a nice frontend for a Postfix/Courier based virtual
mail server. As an admin you create a domain admin, create their domains, own
the domains to the domain admin, and now you the admin can go back to reading
the Gentoo forums rather than creating users, changing passwords, or deleting
accounts.
And managing your email system with PHPMyadmin sucks.
[edit]
Which Packages
This How-to assumes you have Postfix 2.2 or better and Courier 4.0 or better.
Any previous versions of those utilities will not work with the syntax presented
here.
[edit]
Default Settings
All mail is in /var/vmail/All mail is owned by the Postfix userThe
database is called postfixThe database user is called postfixThe
database password is IheartPostfix You should change that
[edit]
Portage
I like the following USE variables for a standalone mail server, but the
minus flags aren't really necessary
[edit]
/etc/make.conf USE="apache2 mysql threads nptl libwww sasl ssl maildir imap vhosts -acl -alsa -cups -doc -gnome -gtk -gtk2 -ipv6 -java -kde -nls -oss -qt -sdl -X"
[edit]
/etc/portage/package.use mail-mta/postfix mysql ssl sasl vda
dev-libs/cyrus-sasl authdaemond -mysql
mail-client/squirrelmail virus-scan
net-www/apache -threads
dev-php/mod_php gd session nls
dev-php/php gd session nls
Couple of explainations here. We're going to slave SASL off
Courier-authlib instead of having it talk directly to the database. This allows
us to use encrypted passwords and seems to work better as well. However there
have been some weird authlib problems in recent updates so watch your upgrades.
NLS is require by PHP if you plan to use the Horde framework for your
webmail. If you want to use SquirrelMail you can drop NLS from PHP. I like Horde
better however.
I think you can drop the -threads from Apache. I was playing with
eaccelerator, a PHP accelerator, which didn't play well with threaded Apache.
[edit]
Postgrey
[edit]
Why Greylist?
It's the simplest way to stop significant spam and it uses far less resources
than just about any other method. Right now postgrey is in portage and works
fairly well. At some point in the future sqlgrey will stabilize in portage and
this how-to will likely switch to it.
[edit]
Installation emerge postgrey
echo "POSTGREY_OPTS=\"--delay=30\"" >> /etc/conf.d/postgrey
rc-update add postgrey default
[edit]
Delay Time
I recommend a very small delay time as I've used above. Many webmail sites
like Hotmail will attempt to delivery every thirty seconds for the first three
minutes. The next retry will be fifteen minutes after the last retry. By using a
very small delay you can still provide effective greylisting, but keep the total
delay to a minimum.
[edit]
Postfix
[edit]
Install
First verify that you have all the proper USE flags enabled. A pretend should
look like this. popmail ~ # emerge -pv postfix
These are the packages that I would merge, in order:
Calculating dependencies ...done!
[ebuild U ] mail-mta/postfix-2.2.5 [2.2.2-r1] -hardened -ipv6 -ldap -mailwrapper -mbox
+mysql -nis +pam -postgres +sasl (-selinux) +ssl +vda 2,371 kB
Then install.
[edit]
main.cf
This is fairly unfancy. No ssl/tls or quotas.
# attachement filtering
mime_header_checks = regexp:/etc/postfix/mime_header_checks.regexp
# Size settings
message_size_limit = 20480000
mailbox_size_limit = 102400000
# SASL settings
smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:207
virtual_mailbox_base = /var/vmail/
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 102400000
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 207
virtual_transport = virtual
virtual_uid_maps = static:207
smtpd_recipient_restrictions =
reject_invalid_hostname,
reject_non_fqdn_recipient,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
permit_mynetworks,
permit_sasl_authenticated,
reject_unlisted_recipient,
check_policy_service inet:127.0.0.1:10030,
reject_unauth_destination,
permit
[edit]
mysql_relay_domains_maps.cf user = postfix
password = IheartPostfix
hosts = localhost
dbname = postfix
query = SELECT domain FROM domain WHERE domain='%s' and backupmx = '1'
[edit]
mysql_virtual_alias_maps.cf user = postfix
password = IheartPostfix
hosts = localhost
dbname = postfix
query = SELECT goto FROM alias WHERE address='%s'
[edit]
mysql_virtual_domains_maps.cf user = postfix
password = IheartPostfix
hosts = localhost
dbname = postfix
query = SELECT description FROM domain WHERE domain='%s'
[edit]
mysql_virtual_mailbox_limit_maps.cf user = postfix
password = IheartPostfix
hosts = localhost
dbname = postfix
query = SELECT quota FROM mailbox WHERE username='%s'
[edit]
mysql_virtual_mailbox_maps.cf user = postfix
password = IheartPostfix
hosts = localhost
dbname = postfix
query = SELECT maildir FROM mailbox WHERE username='%s'
[edit]
courier-authlib
[edit]
Install
Again verify the use variables popmail ~ # emerge -pv courier-authlib
These are the packages that I would merge, in order:
Calculating dependencies ...done!
[ebuild R ] net-libs/courier-authlib-0.55 +berkdb +crypt -debug
+gdbm -ldap +mysql +pam -postgres 1,959 kB
[edit]
Config files
/etc/courier/authlib/authmysqlrc #DEFAULT_DOMAIN domain.tld
MYSQL_CRYPT_PWFIELD password
MYSQL_DATABASE postfix
MYSQL_GID_FIELD '207'
MYSQL_HOME_FIELD '/var/vmail'
MYSQL_LOGIN_FIELD username
MYSQL_MAILDIR_FIELD maildir
MYSQL_NAME_FIELD name
MYSQL_OPT 0
MYSQL_PASSWORD IheartPostfix
# Uncomment below if you want quota support.
#MYSQL_QUOTA_FIELD quota
MYSQL_SERVER localhost
MYSQL_UID_FIELD '207'
MYSQL_USERNAME postfix
MYSQL_USER_TABLE mailbox
#MYSQL_WHERE_CLAUSE server='example.domain.com'
You'll need to make sure that this line includes authmysql first.
/etc/courier/authlib/authdaemonrc authmodulelist="authmysql authpam"
[edit]
Socket permissions
You may need to loosen permissons on /var/lib/courier/authdaemon/socket I'd
try it on your system first and if you see permission denied errors this is
likely the problem. Maybe popmail ~ # chmod +x /var/lib/courier/authdaemon
could solve the problem.
[edit]
Runlevel
And finally add courier-authlib to your default runlevel rc-update add courier-authlib default
[edit]
Courier-imap
[edit]
Install
Again verify USE flags. popmail ~ # emerge -pv courier-imap
These are the packages that I would merge, in order:
Calculating dependencies ...done!
[ebuild R ] net-mail/courier-imap-4.0.1 +berkdb -debug -fam +gdbm
-ipv6 -nls* (-selinux) 0 kB
[edit]
Config
For large virtual systems remember to increase per IP connections in
/etc/courier-imap/imapd and any other services you plan to offer to the public.
[edit]
Server Scripts rc-update add apache2 default
rc-update add mysql default
rc-update add courier-imapd default
rc-update add courier-pop3d default
rc-update add postgrey default
rc-update add postfix default
rc-update add saslauthd default
[edit]
Oddities
Here are a couple of weird issues that I ran into while installing Postfix
Admin or using it.
[edit]
Adding Multiple Emails to an Alias
Create an alias pointing to a single address. Now edit the alias again.
You'll be able to add multiple email addresses, one per line, to the alias now.
[edit]
Active Check Box Doesn't work
The how-to I followed seems to be missing a few lines in the mysql-*.conf
files needed to recognized the Active check box. The Active setting is never
checked in the database so you can't turn off a domain or setup a complicated
domain and then make it active when you're ready for mail to start coming in.
There is a workaround on the forums I'll be testing tonight.
Retrieved from "http://gentoo-wiki.com/HOWTO_Setup_a_Virtual_Postfix/Courier_Mail_System_with_PostfixAdmin"
Category:
HOWTO
Browse categories
> HOWTO
Views
Article
Discussion
and Bugs
Edit
This Page
History
Personal tools
Log
in / create account
if (window.isMSIE55) fixalpha();
Navigation
Main Page
Wiki News
Recent changes
Random
page
Help
Search
Indexes
HOWTO
Index
Tips &
Tricks
MAN Pages
Hardware
Security
FAQ
Screenshots
Misc
Other
Indexes
Wiki
Pages
Wanted Articles
Categories
Toolbox
What
links here
Related
changes
Upload
file
Special pages
Printable
version
Permanent
link
This page was last modified 06:26, 3 July 2006.
This page has been accessed 9,871 times.
Privacy
policy
About Gentoo Linux
Wiki
Disclaimers
if (window.runOnloadHook) runOnloadHook();
Wyszukiwarka
Podobne podstrony:
2010 03 Wake Up Setting Up a Fast Boot System with Tiny Core Linuxdeveloping large scale systems with the rational unified processzA2AF65Modeling complex systems of systems with Phantom System Models2009 10 Playing Fetch Building a Dedicated Download System with Rtorrent21 1 Charge air system with turbocharger checking07 04 Saloon with bulb failure warning system (with gas discharge headlamps)2002 07 Ssh How to Remotely Connect to a System with Ssh21 44 Charge pressure system with exhaust turbocharger service2005 09 Cooking with Gentoo Installing and Managing Gentoo Linux2002 09 Creating Virtual Worlds with Pov Ray and the Right Front End2009 04 Tag Master Public Key Infrastructure with the Dogtag Certificate SystemSplitting AVI With Virtual DubBlue System Only with Youmail howto 6 ulk4fm6ss4xaa3hhsbrkra7qrpmayo5gstu5wyq ulk4fm6ss4xaa3hhsbrkra7qrpmayo5gstu5wyqchecklist good transport mail courier servicemail howto 7 7wd7rtwcevquv7ut24obbw7cs5j7r5ryrgsvjia 7wd7rtwcevquv7ut24obbw7cs5j7r5ryrgsvjiavirtual services howto ym6h2bejxvus25y5v2fkhmbbzaaxns3bkwfovgy ym6h2bejxvus25y5v2fkhmbbzaaxns3bkwfovwięcej podobnych podstron